Attacks/Breaches
3/23/2012
11:02 AM
Connect Directly
RSS
E-Mail
50%
50%

Megaupload Host Wants To Delete Data

Movie industry association wants data retained indefinitely, but hosting company says it's too expensive. Meanwhile, questions rise over why Anonymous launched retaliatory attack--and who paid for it.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
The music, movies, and other data uploaded to cyberlocker website Megaupload before it was shut down may soon be deleted.

According to court documents filed Tuesday, Carpathia Hosting requested an emergency action "to protect it from undue expense and burden resulting from the continued storage of 1,103 computer servers containing 25 petabytes (25 million gigabytes) of data, which were used to provide services to Megaupload."

Megaupload's servers were taken offline by court order in January after federal authorities unsealed an indictment accusing seven executives at the cyberlocker service of engaging in racketeering, money laundering, and copyright violations. Four of the people charged, including 37-year-old Megaupload CEO and founder Kim Dotcom, were arrested by New Zealand authorities. While they were later granted bail, it's expected that U.S. authorities will seek at least Dotcom's extradition.

[ Call 2011 the year of the hacktivist. See When Hackers Want Much More Than Money. ]

Since the Megaupload takedown, Carpathia said it's been spending about $9,000 per day to maintain the servers at Equinix data centers. But due to the Megaupload contracts having been canceled, it must now remove them by April 6, 2012. So Carpathia said it's begun relocating the servers, which have a book value of $1.25 million, to its own data centers, which it said will involve $65,000 in transportation costs and $37,000 per month to lease storage space.

But as noted in the court filing, the servers "could be repurposed to generate revenue for Carpathia if they were not being used to store data for this litigation." Accordingly, it's asked the court to allow it to delete and reprovision the servers; sell them outright to Megaupload, the Motion Picture Association of America (MPAA), or the Electronic Frontier Foundation (EFF), since all have expressed interest in the data stored on the servers; or to require one or more of those organizations to help pay for their upkeep.

The Carpathia court filing, first reported by Wired, includes a copy of a letter from the EFF, co-signed by Kim Dotcom's lawyer, which requests that the hosting companies retain the data for future litigation, as well as to hopefully reunite "innocent individuals" with their data. Another letter included in the filing is from the MPAA, which demanded that Carpathia retain the data indefinitely, including details of which users uploaded specific files, although the MPAA told Wired that it had no plans to sue individual users.

The MPAA's letter, dated January 31, 2012, and the EFF's letter, dated February 1, 2012, appear to have been triggered by news reports that authorities told Megaupload's two hosting companies, Carpathia Hosting and Cogent Communications, that they'd likely be able to begin deleting the Megaupload data as early as February 2, 2012, since investigators had nearly finished reviewing the data.

But the MPAA argued otherwise. "In light of the potential civil claims by the studios, we demand that Carpathia preserve all material in its possession, custody, or control, including electronic data and database, related to Megaupload or its operations," wrote MPAA attorney Steven B. Frabrizio, of law firm Jenner & Block, to Carpathia. "This would include, but is not limited to, all information identifying or otherwise related to the content files uploaded to, stored on, and/or downloaded from Megaupload; all data associated with those content files, the uploading or downloading of those files, and the Megaupload users who uploaded or downloaded those files."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.